Can Backtrack be used as an Automated Network Vulnerability Scanner???

If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Can Backtrack be used as an Automated Network Vulnerability Scanner???

Need a solution that will scan entire network and do robust reporting on existing vulnerabilities of all nodes and devices; also possibly do remediation & patch management...comments please...thx I'm a NOOB.

Re: Can Backtrack be used as an Automated Network Vulnerability Scanner???

Originally Posted by HORTA

Need a solution that will scan entire network and do robust reporting on existing vulnerabilities of all nodes and devices; also possibly do remediation & patch management...comments please...thx I'm a NOOB.

Re: Can Backtrack be used as an Automated Network Vulnerability Scanner???

or NeXpose. If you can get either of them working, can be quite a hassle sometimes, but they both have support pages on their websites to help you out. Neither NeXpose or Nessus will fix the vunerabilities for you, but both give solutions that you can implement yourself. And remember this wont list all of the vunerabilities. Just the ones they know to search for. What im trying to get at is that just because Nessus and NeXpose say they cant find any vulnerabilities, doesn't mean your safe.

Re: Can Backtrack be used as an Automated Network Vulnerability Scanner???

Originally Posted by HORTA

Need a solution that will scan entire network and do robust reporting on existing vulnerabilities of all nodes and devices; also possibly do remediation & patch management...comments please...thx I'm a NOOB.

Please be aware that scanning certain devices with some of the tools in Backtrack can cause the device being scanned to stop responding and possibly crash, so you should be very careful whenever you're doing such scans. You should not do a blanket scan against an entire subnet without knowing exactly what's on the subnet first and doing the appropriate research if the devices on the subnet can withstand a scan.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.